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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on July 1 7, 
2006 has been entered. 

2. Claims 1 0-1 53 are cancelled. 

3. Claims 1-3, and 5-9 are currently being considered. 



Claim Objections 

4. Claim 5 is objected to under 37 CFR 1.75(c), as being of improper dependent 
form for failing to further limit the subject matter of a previous claim. Applicant is 
required to cancel the claim(s), or amend the claim(s) to place the claim(s) in proper 
dependent form, or rewrite the claim(s) in independent form. Claim 5 repeats, in part, 
what is claimed in the fifth limitation of claim 1 , and therefore, does not further limit the 
claim. 



Claim Rejections - 35 USC §112 
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The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claims 1-3, and 5-9 are rejected under 35 U.S.C. 112, second paragraph, as 

being indefinite for failing to particularly point out and distinctly claim the subject matter 

which applicant regards as the invention. Claim 1 states that a first message is 

transmitted from the called party to the calling party, said first message including "said 

first random number." However, in the first limitation of claim 1 , the first random number 

is associated with the calling party. Therefore, it is interpreted that the calling party is 

the party, which has possession of the first random number. The claim is deemed 

indefinite because it is unclear why the called party would send the first random number 

to the calling party when the calling party already has possession of the first random 

number. The same arguments follow for the limitation concerning the second message, 

as the calling party is sending the second random number to the called party. For the 

purposes of examination, it is interpreted that the calling and called parties have the 

second and first random keys, respectively. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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5. Claims 1-2, 5 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Vanstone et al. (U.S. Patent 6,487,660), in view of Bellovin et al. (U.S. Patent 
5,241,599). 

Regarding claim 1 , Vanstone discloses: 

A method for establishing secure communication between a calling party and a 
called party, consisting essentially of: 

identifying a first shared random number associated with a calling party (column 
3 lines 35-42), wherein x is the first random number; 

identifying a second random number associated with a called party (column 3 
lines 42-44), wherein y is the second random number; 

identifying said calling party to said called party (column 3 lines 45-53), wherein 
an identification string is sent from the ATM to the server; 

generating a public-private key pair by said called party (column 5 lines 1-10), 
wherein the server generates its private-public key pair; 

transmitting a second message from said calling party to said called party, said 
second message including said second shared random number, and said second 
message (column 3 lines 55-56) and 

obtaining a shared secret key from an output of a combining function having a 
first input including said first shared random number and having a second input 
including said second shared random number (column 6 lines 25-30). 
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Vanstone does not explicitly disclose transmitting a first message from the called 
party to the calling party wherein the first message includes a first random number and 
the public portion of the public-private key pair. Bellovin discloses a system of bi- 
directional secure communication where a public key is sent from a sender to a 
receiver, the public key being encrypted with a password (column 5 lines 18-32). 
Bellovin uses this exchange to set up a session key to be used for encrypting bi- 
directional communications between sender and receiver. Vanstone and Bellovin are 
analogous arts as both are concerned with setting up a secure communication channel 
between a sender and a receiver. Bellovin transmits the public key encrypted with a 
password from a sender to a receiver in order to set up a session key for bi-directional 
communications. In Vanstone, the public keys are either built into the devices, or 
transmitted by a third party (column 5 lines 1-24). It would have been obvious to one of 
ordinary skill in the art at the time of the invention use the method of Bellovin to transmit 
the public key to the calling party in order to set up a session key without the 
involvement of a third party which would allow the set up of a private and authenticated 
communication between parties that only share a secret, while avoiding the costs and 
restrictions of prior cryptographic protocols (column 3 lines 52-62) such as a third party 
controlling key distribution as delineated in Vanstone. 

Furthermore, Vanstone does not disclose that the second message is encrypted 
with the public key. Bellovin discloses that a message containing a random number is 
encrypted with a public key (column 5 lines 33-38). Vanstone and Bellovin are 
analogous arts as both are concerned with setting up a secure communication channel 
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between a sender and a receiver. It would have been obvious to one of ordinary skill in 
the art at the time of invention use a public key to encrypt the message in order to 
secure the exchange of the parameters so that a private and authenticated 
communication between parties that only share a secret, while avoiding the costs and 
restrictions of prior cryptographic protocols (column 3 lines 52-62). 

Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Vanstone 
discloses: 

The method of claim 1 , wherein said combining function includes a logical 
function (column 3 lines 52-62). 

Claim 5 is rejected as applied above in rejecting claim 1. Furthermore, Vanstone 
discloses: 

The method of claim 1 , further comprising the step of transmitting a second 
message from said second computer to said first computer, said second message 
including said second shared random number (column 3 lines 55-56). 

Claim 9 is rejected as applied above in rejecting claim 5. Vanstone does not disclose 
wherein the first message includes an asymmetric key. Bellovin discloses a system of 
bi-directional secure communication where a public key is sent from a sender to a 
receiver, the public key being encrypted with a password (column 5 lines 18-32). 
Bellovin uses this exchange to set up a session key to be used for encrypting bi- 
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directional communications between sender and receiver. Vanstone and Bellovin are 
analogous arts as both are concerned with setting up a secure communication channel 
between a sender and a receiver. Bellovin transmits the public key encrypted with a 
password from a sender to a receiver in order to set up a session key for bi-directional 
communications. In Vanstone, the public keys are either built into the devices, or 
transmitted by a third party (column 5 lines 1-24). It would have been obvious to one of 
ordinary skill in the art at the time of the invention use the method of Bellovin to transmit 
the public key to the calling party in order to set up a session key without the 
involvement of a third party which would allow the set up of a private and authenticated 
communication between parties that only share a secret, while avoiding the costs and 
restrictions of prior cryptographic protocols (column 3 lines 52-62) such as a third party 
controlling key distribution as delineated in Vanstone. 



5. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vanstone 
et al. (U.S. Patent 6,487,660), in view of Bellovin et al. (U.S. Patent 5,241 ,599) in further 
in view of Shonaetal. (U.S. Patent 6,018,581). 

Claim 3 is rejected as applied above in rejecting claim 2. Vanstone-Bellovin does not 
explicitly disclose that the logical function is an XOR function. Shona discloses a 
method wherein the logical function is an exclusive-or (XOR) function (column 6 lines 
12-16, lines 22-25). It would have been obvious to one of ordinary skill in the art at the 
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time of invention to combine the teachings of Shona with the teachings of Vanstone- 
Bellovin to make the encryption key greatly varied (column 6 lines 25-29). 



6. Claims 6-8 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Vanstone et al. (U.S. Patent 6,487,660), in view of Bellovin et al. (U.S. Patent 
5,241,599) in further in view of Wu (U.S. Patent 6,539,749). 

Regarding claims 6-8, Vanstone does not explicitly disclose wherein the first message is 
encoded using a password. Bellovin discloses a system of bi-directional secure 
communication where a public key is sent from a sender to a receiver, the public key 
being encrypted with a password (column 5 lines 18-32). Bellovin^uses this exchange 
to set up a session key to be used for encrypting bi-directional communications between 
sender and receiver. Vanstone and Bellovin are analogous arts as both are concerned 
with setting up a secure communication channel between a sender and a receiver. 
Bellovin transmits the public key encrypted with a password from a sender to a receiver 
in order to set up a session key for bi-directional communications. In Vanstone, the 
public keys are either built into the devices, or transmitted by a third party (column 5 
lines 1-24). It would have been obvious to one of ordinary skill in the art at the time of 
the invention use the method of Bellovin to transmit the public key to the calling party in 
order to set up a session key without the involvement of a third party which would allow 
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the set up of a private and authenticated communication between parties that only 
share a secret, while avoiding the costs and restrictions of prior cryptographic protocols 
(column 3 lines 52-62) such as a third party controlling key distribution as delineated in 
Vanstone. However, the password is not encoded/encrypted. Wu teaches that the 
password is an encoded password (column 3 lines 33-37). Wu, Vanstone and Bellovin 
are all analogous arts as they are all concerned with setting up a secure communication 
channel via a session key. It would have been obvious to one of ordinary skill in the art 
at the time of invention to have combined the teachings of Vanstone-Bellovin, with the 
teachings of WU, in order to verify a user's asserted password without having to reveal 
the user's password (column 3 lines 35-37). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

KA 

09/28/2006 
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